<?php $title = "系统提示"; ?>
<!DOCTYPE html>

<html>

<head>
    <?php include('css.php'); ?>
    <style>
        .modal-content {
            animation: modalSlideIn 0.3s ease-out;
        }

        @keyframes modalSlideIn {
            from {
                transform: translateY(-50px);
                opacity: 0;
            }

            to {
                transform: translateY(0);
                opacity: 1;
            }
        }

        .modal-overlay {
            display: none;
            position: fixed;
            top: 0;
            left: 0;
            width: 100%;
            height: 100%;
            background: rgba(0, 0, 0, 0.5);
            justify-content: center;
            align-items: center;
            z-index: 9999;
        }

        .modal-content {
            background: white;
            padding: 20px;
            border-radius: 8px;
            min-width: 300px;
            max-width: 80%;
            position: relative;
            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);
        }

        .close-btn {
            position: absolute;
            right: 15px;
            top: 10px;
            cursor: pointer;
            font-size: 24px;
            color: #666;
        }

        .open-modal-btn {
            padding: 10px 20px;
            margin: 50px;
            cursor: pointer;
        }
    </style>
</head>

<body>
    <div id="autoModal" class="modal-overlay">
        <div class="modal-content">

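            <?php
            // Request bootstrap for the admin action handler: database handle, session,
            // and the values shared by every `case` of the action switch.
            include('sql.php'); // presumably defines $link (mysqli); every case below uses it — confirm

            // NOTE(review): this runs after the page has already emitted HTML, so the
            // session cookie and the Location header in the 'out' case can only be sent
            // while output buffering is on. Ideally this bootstrap moves above <!DOCTYPE>.
            if (session_status() === PHP_SESSION_NONE) {
                session_start();
            }

            // NOTE(review): every action is selected by ?action= and authorised only by the
            // session cookie. No anti-CSRF token is checked anywhere in this file, and
            // several destructive actions take their arguments from the query string.

            // Peer address as seen by PHP; behind a reverse proxy this is the proxy's IP.
            $ip = $_SERVER["REMOTE_ADDR"] ?? '';
            $time = time();

            // Table names. They are interpolated into SQL text, so they must stay
            // hard-coded here and never be derived from request data.
            $article = "article_article";
            $article_menu = "article_menu";
            $sql_admin = "admin_user";
            $sql_webinfo = "webinfo";
            $log = "admin_log";

            // Raw request values; each case re-reads and validates what it needs.
            // `??` avoids undefined-index warnings when a parameter is absent.
            $id = $_GET['id'] ?? null;
            $uid = $_GET['uid'] ?? null;
            // Null when nobody is logged in; the isset($_SESSION['id']) gate that follows decides access.
            $log_uid = $_SESSION['id'] ?? null;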
            if (isset($_SESSION['id'])) {
                if (isset($_GET['action'])) {
                    $action = $_GET['action'];
                    switch ($action) {

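                        case 'banner_upload':
                            // Add a banner: store the uploaded image under ../uploads/ and record
                            // its title, slogan and path in web_banners.
                            // Title and slogan are bound as statement parameters, so they are passed
                            // through unescaped; escaping them first stored literal backslashes.
                            $title = (string)($_POST['title'] ?? '');
                            $slogan = (string)($_POST['slogan'] ?? '');
                            $upload = $_FILES['banner_image'] ?? null;

                            // Reject a missing upload, a multi-file array, a PHP-reported upload error,
                            // or anything over the 1 MB limit.
                            if (
                                !is_array($upload) ||
                                !is_string($upload['tmp_name'] ?? null) ||
                                ($upload['error'] ?? null) !== UPLOAD_ERR_OK ||
                                $upload['size'] > 1000000
                            ) {
                                echo "上传失败";
                                break;
                            }

                            // The client-supplied name is used only to pick the extension; the stored
                            // file name is generated server-side.
                            $allowed = ['jpg', 'jpeg', 'png', 'gif'];
                            $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

                            // The extension is chosen by the client, so also require the bytes to parse
                            // as an image. This is a header check only; the extension whitelist is what
                            // keeps the server from treating the stored file as a script.
                            if (!in_array($ext, $allowed, true) || getimagesize($upload['tmp_name']) === false) {
                                echo "上传失败";
                                break;
                            }

                            $uploadDir = '../uploads/';
                            // 0755 rather than 0777: only the PHP user needs to write here.
                            if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true)) {
                                echo "上传失败";
                                break;
                            }

                            $filename = uniqid() . '.' . $ext;
                            $targetPath = $uploadDir . $filename;

                            // move_uploaded_file() refuses paths that did not come from an HTTP upload.
                            if (!move_uploaded_file($upload['tmp_name'], $targetPath)) {
                                echo "上传失败";
                                break;
                            }

                            $stmt = $link->prepare("INSERT INTO web_banners (title, slogan, url) VALUES (?, ?, ?)");
                            $stmt->bind_param("sss", $title, $slogan, $targetPath);
                            if ($stmt->execute()) {
                                echo 'Banner上传成功';
                                // Audit trail: who did what, from where, when.
                                $text = $log_uid . "上传了Banner" . $title;
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                            } else {
                                echo "上传失败" . $stmt->error;
                                // No row references the file, so do not leave it behind.
                                unlink($targetPath);
                            }
                            break;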

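                        case 'banner_delete':
                            // Delete a banner: remove its image file, then its web_banners row.
                            // NOTE(review): a destructive action driven by a GET parameter with no
                            // CSRF token; a POST plus token check would be safer.
                            $id = intval($_GET['id'] ?? 0);

                            $stmt = $link->prepare("SELECT url FROM web_banners WHERE id = ?");
                            $stmt->bind_param("i", $id);
                            $stmt->execute();
                            $result = $stmt->get_result();

                            // Fetch first, test second. `$row = fetch() && file_exists(...)` assigned the
                            // boolean result of `&&` to $row, so the image was never actually removed.
                            $row = $result->fetch_assoc();
                            if ($row) {
                                // Only unlink regular files that resolve inside the uploads directory,
                                // so a tampered `url` value cannot point the delete elsewhere.
                                $uploadRoot = realpath('../uploads');
                                $stored = realpath((string)$row['url']);
                                if (
                                    $uploadRoot !== false &&
                                    $stored !== false &&
                                    strpos($stored, $uploadRoot . DIRECTORY_SEPARATOR) === 0 &&
                                    is_file($stored)
                                ) {
                                    unlink($stored);
                                }
                            }

                            $stmt = $link->prepare("DELETE FROM web_banners WHERE id = ?");
                            $stmt->bind_param("i", $id);
                            if ($stmt->execute()) {
                                echo 'Banner删除成功';
                                // Audit trail entry for the deletion.
                                $text = $log_uid . "删除了Banner";
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                            }
                            break;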

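                        case 'banner_update':
                            // Update a banner's title and slogan by id.
                            $id = intval($_POST['id'] ?? 0);
                            // Bound as parameters below, so no manual SQL escaping: escaping first
                            // and binding afterwards stored literal backslashes in the text.
                            $title = (string)($_POST['title'] ?? '');
                            $slogan = (string)($_POST['slogan'] ?? '');

                            $stmt = $link->prepare("UPDATE web_banners SET title=?, slogan=? WHERE id=?");
                            $stmt->bind_param("ssi", $title, $slogan, $id);
                            if ($stmt->execute()) {
                                echo 'Banner更新成功';
                                // Audit trail entry for the update.
                                $text = $log_uid . "更新了Banner" . $title;
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                            }
                            break;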



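                        case 'article': // add an article
                            // Validate first. `break` (not `exit`) lets the rest of the page render;
                            // the message sits inside a modal that only becomes visible once the
                            // script at the bottom of the page has run.
                            if (empty($_POST['wbtreeid'])) {
                                echo "系统提示：请选择栏目";
                                break;
                            }

                            if (empty($_POST['title'])) {
                                echo "系统提示：请输入标题";
                                break;
                            }

                            $wbtreeid = intval($_POST['wbtreeid']); // force to integer
                            // Title and author are HTML-encoded before storage.
                            $title = htmlspecialchars(trim($_POST['title']), ENT_QUOTES);
                            $author = htmlspecialchars(trim($_POST['author'] ?? ''), ENT_QUOTES);
                            // NOTE(review): the article body is stored exactly as submitted; whatever
                            // renders it must sanitise or escape it — confirm on the display side.
                            $text = $_POST['text'] ?? '';
                            // FILTER_SANITIZE_URL only strips illegal characters and does not restrict
                            // the scheme. NOTE(review): if this value is rendered as a link, check the
                            // scheme (http/https) before output.
                            $url = filter_var(trim($_POST['url'] ?? ''), FILTER_SANITIZE_URL);
                            $time = time();

                            try {
                                $stmt = $link->prepare("INSERT INTO $article (wbtreeid, title, author, url, content, time) VALUES (?, ?, ?, ?, ?, ?)");
                                $stmt->bind_param("issssi", $wbtreeid, $title, $author, $url, $text, $time);

                                if ($stmt->execute()) {
                                    echo "系统提示：发布成功！";
                                    // Audit trail entry for the new article.
                                    $text = $log_uid . "发布了一篇文章：《" . $title . "》";
                                    $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                    $logStmt = $link->prepare($logSql);
                                    $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                    if ($logStmt->execute()) {
                                        echo "记录日志中...";
                                    } else {
                                        echo "未记录日志中..." . $logStmt->error;
                                    }
                                } else {
                                    throw new Exception('数据库执行失败');
                                }
                            } catch (Exception $e) {
                                // Details go to the server log; the user sees a generic message.
                                error_log('文章发布错误: ' . $e->getMessage());
                                echo "系统提示：操作失败，请稍后重试";
                            }
                            break;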

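                        case 'updatearticle': // update an article
                            $id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
                            $wbtreeid = isset($_POST['wbtreeid']) ? (int)$_POST['wbtreeid'] : 0;
                            // Normalised the same way the 'article' case does on insert, so an edited
                            // article is not stored less strictly than a new one.
                            // NOTE(review): assumes the edit form submits the decoded text — confirm.
                            $title = htmlspecialchars(trim($_POST['title'] ?? ''), ENT_QUOTES);
                            $author = htmlspecialchars(trim($_POST['author'] ?? ''), ENT_QUOTES);
                            $url = filter_var(trim($_POST['url'] ?? ''), FILTER_SANITIZE_URL);
                            // NOTE(review): the body is stored as submitted; the renderer must sanitise it.
                            $text = $_POST['text'] ?? '';

                            if ($id <= 0) {
                                echo "无效的文章ID。";
                                break;
                            }
                            if ($title === '') {
                                echo "系统提示：请输入标题";
                                break;
                            }

                            $sql = "UPDATE $article SET wbtreeid = ?, title = ?, author = ?, url = ?, content = ? WHERE id = ?";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param("issssi", $wbtreeid, $title, $author, $url, $text, $id);

                            if ($stmt->execute()) {
                                echo '系统系统：文章更新成功！';
                                // Audit trail entry for the edit.
                                $text = $log_uid . "更新了文章：《" . $title . "》";
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                            } else {
                                echo "Error updating article: " . $stmt->error;
                            }
                            break;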

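                        case 'menu': // add a menu (column)
                            $menu = htmlspecialchars($_POST['menu'] ?? '');
                            // status and nav are bound as integers, so cast them rather than HTML-encode.
                            $echo = (int)($_POST['echo'] ?? 0);
                            $nav = (int)($_POST['nav'] ?? 0);

                            if (empty($menu)) {
                                echo "系统提示：请输入栏目";
                                break;
                            }

                            $sql = "INSERT INTO $article_menu (menu, status, nav) VALUES (?, ?, ?)";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param('sii', $menu, $echo, $nav);
                            if ($stmt->execute()) {
                                // Audit trail entry for the new menu.
                                $text = $log_uid . "添加了一个栏目：" . $menu;
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                                echo "系统提示：添加成功";
                            } else {
                                // Previously a failed insert produced no output at all.
                                echo "系统提示：添加失败";
                            }
                            break;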

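                        case 'updatemenu': // update a menu (column)
                            $wbtreeid = isset($_GET['wbtreeid']) ? (int)$_GET['wbtreeid'] : 0;
                            // Bound as a parameter below, so no manual SQL escaping: escaping and then
                            // binding stored literal backslashes. HTML-encoded to match the 'menu' case.
                            $menu = htmlspecialchars($_POST['menu'] ?? '');
                            $echo = (int)($_POST['echo'] ?? 0);
                            $nav = (int)($_POST['nav'] ?? 0);

                            if (empty($menu)) {
                                echo "系统系统：请输入栏目！";
                                break;
                            }

                            // Uses the shared table-name variable like the other menu cases.
                            $sql = "UPDATE $article_menu SET menu = ?, status = ?, nav = ? WHERE wbtreeid = ?";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param("siii", $menu, $echo, $nav, $wbtreeid);

                            $succeeded = $stmt->execute();
                            if (!$succeeded) {
                                echo "Error updating " . $link->error;
                            }

                            // Both outcomes are written to the audit log.
                            $text = $succeeded
                                ? $log_uid . "更新了栏目：" . $menu
                                : $log_uid . "更新栏目（失败）：" . $menu;
                            $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                            $logStmt = $link->prepare($logSql);
                            $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                            if ($logStmt->execute()) {
                                echo "记录日志中...";
                            } else {
                                echo "未记录日志中..." . $logStmt->error;
                            }

                            if ($succeeded) {
                                echo "系统系统：操作成功！";
                            }
                            break;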
                            
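                        case 'updatepassword': // change the logged-in admin's password
                            $uid = $_SESSION['id'];
                            $rawPassword = $_POST['password'] ?? '';

                            // Check the submitted value itself. The MD5 digest of an empty string is
                            // never empty, so testing the digest let a blank password through.
                            if (!is_string($rawPassword) || $rawPassword === '') {
                                echo "系统系统：请输入密码！";
                                break;
                            }

                            // NOTE(review): unsalted MD5 is not a password hash. The digest is kept
                            // byte-for-byte (htmlspecialchars included) because the login check must
                            // compute the same value; migrate both sides to password_hash() /
                            // password_verify() together. The 'user' case hashes WITHOUT
                            // htmlspecialchars, so passwords containing & < > " differ between the
                            // two paths — confirm which form the login code expects.
                            // NOTE(review): the current password is not re-verified before the change.
                            $password = md5(htmlspecialchars($rawPassword));

                            $sql = "UPDATE $sql_admin SET password = ? WHERE id = ?";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param("si", $password, $uid);
                            if ($stmt->execute()) {
                                echo "系统系统：操作成功！";
                                // Log the change only once it has happened; the entry used to be
                                // written on the empty-password branch instead.
                                $text = $log_uid . "更新了密码";
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                            } else {
                                echo "Error updating " . $link->error;
                            }
                            break;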

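                        case 'delarticle': // delete an article
                            // NOTE(review): a destructive action driven by a GET parameter with no
                            // CSRF token; a POST plus token check would be safer.
                            // Cast before comparing so a non-numeric id is rejected here rather than
                            // being silently bound as 0.
                            $id = (int)($_GET['id'] ?? 0);
                            if ($id <= 0) {
                                echo "无效的文章ID。";
                                break;
                            }

                            // Failures echo and `break` instead of die(): die() cut the page off
                            // before the script that makes the modal (and this message) visible.
                            $stmt = $link->prepare("DELETE FROM $article WHERE id = ?");
                            if (!$stmt) {
                                echo '预处理语句失败: ' . $link->error;
                                break;
                            }
                            $stmt->bind_param("i", $id);
                            $stmt->execute();
                            if ($stmt->error) {
                                echo '执行失败: ' . $stmt->error;
                                $stmt->close();
                                break;
                            }
                            $stmt->close();

                            echo "系统系统：操作成功！";
                            // Audit trail entry for the deletion.
                            $text = $log_uid . "删除了文章ID：" . $id;
                            $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                            $logStmt = $link->prepare($logSql);
                            $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                            if ($logStmt->execute()) {
                                echo "记录日志中...";
                            } else {
                                echo "未记录日志中..." . $logStmt->error;
                            }
                            $logStmt->close();
                            break;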

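                        case 'delmenu': // delete a menu (column)
                            // NOTE(review): a destructive action driven by a GET parameter with no
                            // CSRF token; a POST plus token check would be safer.
                            // Messages are echoed and the case left with `break` instead of die():
                            // die() stopped the page before the script that shows the modal, so the
                            // message was never displayed.
                            if (empty($_GET['wbtreeid'])) {
                                echo '系统提示：缺少必要参数';
                                break;
                            }

                            $wbtreeid = intval($_GET['wbtreeid']);
                            if ($wbtreeid <= 0) {
                                echo '系统提示：参数无效';
                                break;
                            }

                            try {
                                $stmt = $link->prepare("DELETE FROM $article_menu WHERE wbtreeid = ?");
                                $stmt->bind_param("i", $wbtreeid); // "i" = integer
                                if (!$stmt->execute()) {
                                    throw new Exception('数据库执行失败');
                                }

                                if ($stmt->affected_rows > 0) {
                                    echo '系统提示：删除成功！';
                                    // Audit trail entry for the deletion.
                                    $text = $log_uid . "删除了栏目：" . $wbtreeid;
                                    $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                    $logStmt = $link->prepare($logSql);
                                    $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                    if ($logStmt->execute()) {
                                        echo "记录日志中...";
                                    } else {
                                        echo "未记录日志中..." . $logStmt->error;
                                    }
                                } else {
                                    echo '系统提示：未找到对应记录';
                                }
                            } catch (Exception $e) {
                                // Details go to the server log; the user sees a generic message.
                                error_log('删除导航错误: ' . $e->getMessage());
                                echo '系统提示：操作失败，请稍后重试';
                            }
                            break;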

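                        case 'deladmin': // delete an administrator
                            // NOTE(review): any logged-in account can delete any administrator,
                            // including itself. No role check or last-admin guard is visible in this
                            // file, and the action is a GET with no CSRF token.
                            $adminid = (int)($_GET['adminid'] ?? 0);
                            if ($adminid <= 0) {
                                // A missing or non-numeric id is rejected instead of being bound as 0.
                                echo "系统系统：操作失败！";
                                break;
                            }

                            $sql = "DELETE FROM $sql_admin WHERE id = ?";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param("i", $adminid);
                            if ($stmt->execute()) {
                                // Audit trail entry for the deletion.
                                $text = $log_uid . "删除了管理员：" . $adminid;
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                                echo "系统系统：操作成功！";
                            } else {
                                echo "系统系统：操作失败！";
                            }
                            break;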

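                        case 'user': // add an administrator
                            // NOTE(review): any logged-in account can create administrators; no role
                            // check is visible in this file.
                            $username = htmlspecialchars($_POST['username'] ?? '');
                            $rawPassword = $_POST['password'] ?? '';

                            if (empty($username)) {
                                echo "系统提示：请输入管理员用户名";
                                break;
                            }

                            // Check the submitted value itself. The MD5 digest of an empty string is
                            // never empty, so testing the digest allowed accounts with a blank password.
                            if (!is_string($rawPassword) || $rawPassword === '') {
                                echo "系统提示：请输入管理员密码";
                                break;
                            }

                            // NOTE(review): unsalted MD5 is not a password hash. The digest is kept
                            // unchanged so existing logins keep working; migrate together with the
                            // login check to password_hash() / password_verify().
                            $password = md5($rawPassword);

                            $sql = "INSERT INTO $sql_admin (username, password) VALUES (?, ?)";
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param('ss', $username, $password);
                            if ($stmt->execute()) {
                                // Audit trail entry for the new account.
                                $text = $log_uid . "添加了管理员：" . $username;
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                                echo "系统提示：添加成功";
                            } else {
                                // Previously a failed insert produced no output at all.
                                echo "系统提示：添加失败";
                            }
                            break;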


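                        case 'webinfo': // edit the site-wide settings (single row, id = 1)
                            $id = 1;
                            // Every value is bound as a statement parameter, so none is SQL-escaped
                            // by hand; escaping and then binding stored literal backslashes.
                            // NOTE(review): these values are stored as submitted; the templates that
                            // print them must escape on output — confirm.
                            $webname = (string)($_POST['webname'] ?? '');
                            $keyword = (string)($_POST['keyword'] ?? '');
                            $description = (string)($_POST['description'] ?? '');
                            $logo = (string)($_POST['logo'] ?? '');
                            $icp = (string)($_POST['icp'] ?? '');
                            $icpwa = (string)($_POST['icpwa'] ?? '');
                            $wacode = (string)($_POST['wacode'] ?? '');
                            $address = (string)($_POST['address'] ?? '');
                            $connect = (string)($_POST['connect'] ?? '');
                            $email = (string)($_POST['email'] ?? '');
                            // `static` is bound as an integer ("i") below.
                            $static = (int)($_POST['static'] ?? 0);

                            // Check whether the settings row already exists.
                            $check_sql = "SELECT id FROM $sql_webinfo WHERE id = ?";
                            $check_stmt = $link->prepare($check_sql);
                            $check_stmt->bind_param("i", $id);
                            $check_stmt->execute();
                            $check_result = $check_stmt->get_result();

                            // Both statements take the same twelve parameters in the same order.
                            if ($check_result->num_rows > 0) {
                                // Row exists: update it.
                                $sql = "UPDATE $sql_webinfo SET webname=?, keyword=?, description=?, logo=?, icp=?, icpwa=?, address=?, connect=?, wacode=?, email=?, static=? WHERE id=?";
                            } else {
                                // No row yet: insert it.
                                $sql = "INSERT INTO $sql_webinfo (webname, keyword, description, logo, icp, icpwa, address, connect, wacode, email, static, id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
                            }
                            $stmt = $link->prepare($sql);
                            $stmt->bind_param("ssssssssssii", $webname, $keyword, $description, $logo, $icp, $icpwa, $address, $connect, $wacode, $email, $static, $id);

                            if ($stmt->execute()) {
                                // Audit trail entry for the settings change.
                                $text = $log_uid . "更新了网站信息：";
                                $logSql = "INSERT INTO $log (uid, ip, text, time) VALUES (?, ?, ?, ?)";
                                $logStmt = $link->prepare($logSql);
                                $logStmt->bind_param('issi', $log_uid, $ip, $text, $time);
                                if ($logStmt->execute()) {
                                    echo "记录日志中...";
                                } else {
                                    echo "未记录日志中..." . $logStmt->error;
                                }
                                echo "系统系统：操作成功！";
                            } else {
                                echo "Error: " . $stmt->error;
                            }
                            break;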


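                        case 'out': // log out
                            // Clear the in-memory session data as well as the stored session.
                            $_SESSION = [];
                            session_destroy();
                            // This case runs after the page has started to output HTML, so the
                            // Location header can only be sent while output is still buffered.
                            if (!headers_sent()) {
                                header("Location: /system/");
                                exit; // nothing more to render once the redirect is sent
                            }
                            // Headers are already out: redirect client-side to the same fixed path.
                            echo '<script>window.location.href = "/system/";</script>';
                            break;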
                    }
                }
            } else {

                ?>


                操作失败！请先登入。


            <?php } ?>
        </div>
    </div>

    <script type="text/javascript">
        // Reveal the result modal as soon as the DOM is ready, and again after two
        // seconds as a fallback. The overlay is `display: none` until one of these runs.
        (() => {
            const revealModal = () => {
                const overlay = document.getElementById('autoModal');
                overlay.style.display = 'flex';
            };

            window.addEventListener('DOMContentLoaded', revealModal);

            // Show again after 2 seconds.
            setTimeout(revealModal, 2000);
        })();
    </script>
</body>

</html>